From: Armin Kuster <akuster808@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [PATCH 00/30] Thud-next pull request
Date: Sat, 27 Jul 2019 07:20:36 -0700 [thread overview]
Message-ID: <cover.1564236944.git.akuster808@gmail.com> (raw)
The following changes since commit f162d5bfe6eaeca24f441c83c87252c8d05744fc:
core-image-sato-sdk-ptest: Tweak size to stay within 4GB limit (2019-05-17 22:05:59 -0700)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/thud-next
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/thud-next
Armin Kuster (16):
glibc: Security fix CVE-2019-9169
elfutils: Security fixes CVE-2019-7146,7149,7150
qemu: Several CVE fixes
python: Update to 2.7.16
busybox: Security fixes for CVE-2018-20679 CVE-2019-5747
sqlite3: Security fixes for CVE-2018-20505 & 20506
file: Multiple Secruity fixes
go: update to minor update 1.11.10
qemu: Security fix for CVE-2018-19489
Tar: Security fix CVE-2019-0023
glib-2.0: Security fix for CVE-2019-12450
wget: Security fix for CVE-2019-5953
Curl: Securiyt fix CVE-2019-5435 CVE-2019-5436
qemu: Security fix for CVE-2019-12155
qemu: Security fixes CVE-2018-20815 CVE-2019-9824
glib: Security fix for CVE-2019-9633
Chen Qi (2):
cups: upgrade to 2.2.9
cups: upgrade to 2.2.10
Hongxu Jia (1):
go-target.inc: fix go not found while multilib enabled
Joshua DeWeese (1):
wpa_supplicant: Changed systemd template units
Khem Raj (1):
go: Upgrade 1.11.1 -> 1.11.4 minor release
Martin Jansa (1):
python: add a fix for CVE-2019-9948 and CVE-2019-9636
Richard Purdie (4):
go-crosssdk: PN should use SDK_SYS, not TARGET_ARCH
yocto-uninative: Update to 2.5 release
uninative: Switch from bz2 to xz
uninative: Update to 2.6 release
Robert Yang (1):
uboot-sign.bbclass: Remove tab indentations in python code
Ross Burton (3):
cairo: fix CVE-2018-19876 CVE-2019-6461 CVE-2019-6462
lighttpd: fix CVE-2019-11072
glibc: backport CVE fixes
meta/classes/uboot-sign.bbclass | 20 +-
meta/classes/uninative.bbclass | 4 +-
meta/conf/distro/include/yocto-uninative.inc | 8 +-
...place-systemd-install-Alias-with-WantedBy.patch | 52 ++++
.../wpa-supplicant/wpa-supplicant_2.6.bb | 1 +
.../busybox/busybox/CVE-2018-20679.patch | 142 +++++++++
.../busybox/busybox/CVE-2019-5747.patch | 60 ++++
meta/recipes-core/busybox/busybox_1.29.3.bb | 2 +
.../glib-2.0/glib-2.0/CVE-2019-12450.patch | 59 ++++
.../glib-2.0/glib-2.0/CVE-2019-9633_p1.patch | 316 +++++++++++++++++++++
.../glib-2.0/glib-2.0/CVE-2019-9633_p2.patch | 231 +++++++++++++++
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 3 +
meta/recipes-core/glibc/glibc/CVE-2016-10739.patch | 232 +++++++++++++++
meta/recipes-core/glibc/glibc/CVE-2018-19591.patch | 48 ++++
meta/recipes-core/glibc/glibc/CVE-2019-9169.patch | 63 ++++
meta/recipes-core/glibc/glibc_2.28.bb | 3 +
meta/recipes-devtools/elfutils/elfutils_0.175.bb | 4 +
.../elfutils/files/CVE-2019-7146_p1.patch | 52 ++++
.../elfutils/files/CVE-2019-7146_p2.patch | 65 +++++
.../elfutils/files/CVE-2019-7149.patch | 148 ++++++++++
.../elfutils/files/CVE-2019-7150.patch | 51 ++++
.../recipes-devtools/file/file/CVE-2019-8904.patch | 30 ++
.../file/file/CVE-2019-8905_CVE-2019-8907.patch | 120 ++++++++
.../recipes-devtools/file/file/CVE-2019-8906.patch | 27 ++
meta/recipes-devtools/file/file_5.34.bb | 3 +
meta/recipes-devtools/go/go-1.11.inc | 7 +-
...07-cmd-go-make-GOROOT-precious-by-default.patch | 6 +-
.../0008-use-GOBUILDMODE-to-set-buildmode.patch | 13 +-
meta/recipes-devtools/go/go-crosssdk.inc | 2 +-
meta/recipes-devtools/go/go-target.inc | 2 +-
...on-native_2.7.15.bb => python-native_2.7.16.bb} | 2 -
meta/recipes-devtools/python/python.inc | 18 +-
...23-Use-XML_SetHashSalt-in-_elementtree-GH.patch | 96 -------
...ix-test_ssl-when-a-filename-cannot-be-enc.patch | 55 ----
...LS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch | 120 --------
...34540-Convert-shutil._call_external_zip-t.patch | 67 -----
...dd-missing-closing-wrapper-in-test_tls1_3.patch | 37 ---
...ix-test_ssl.test_options-to-account-for-O.patch | 37 ---
...ix-test_default_ecdh_curve-needs-no-tlsv1.patch | 34 ---
.../python/bpo-35907-cve-2019-9948-fix.patch | 55 ++++
.../python/python/bpo-35907-cve-2019-9948.patch | 55 ++++
.../python/bpo-36216-cve-2019-9636-fix.patch | 28 ++
.../python/python/bpo-36216-cve-2019-9636.patch | 111 ++++++++
.../python/{python_2.7.15.bb => python_2.7.16.bb} | 6 +-
.../qemu/qemu/CVE-2018-16867.patch | 49 ++++
.../qemu/qemu/CVE-2018-16872.patch | 89 ++++++
.../qemu/qemu/CVE-2018-18849.patch | 86 ++++++
.../qemu/qemu/CVE-2018-19364_p1.patch | 51 ++++
.../qemu/qemu/CVE-2018-19364_p2.patch | 115 ++++++++
.../qemu/qemu/CVE-2018-19489.patch | 83 ++++++
.../qemu/qemu/CVE-2018-20815_p1.patch | 42 +++
.../qemu/qemu/CVE-2018-20815_p2.patch | 52 ++++
.../qemu/qemu/CVE-2019-12155.patch | 38 +++
.../recipes-devtools/qemu/qemu/CVE-2019-9824.patch | 47 +++
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 10 +
.../0001-don-t-try-to-run-generated-binaries.patch | 29 +-
.../cups/{cups_2.2.8.bb => cups_2.2.10.bb} | 4 +-
.../lighttpd/lighttpd/fix-http-parseopts.patch | 51 ++++
meta/recipes-extended/lighttpd/lighttpd_1.4.51.bb | 1 +
meta/recipes-extended/tar/tar/CVE-2019-9923.patch | 38 +++
meta/recipes-extended/tar/tar_1.30.bb | 1 +
.../recipes-extended/wget/wget/CVE-2019-5953.patch | 51 ++++
meta/recipes-extended/wget/wget_1.19.5.bb | 1 +
.../cairo/cairo/CVE-2019-6461.patch | 19 ++
.../cairo/cairo/CVE-2019-6462.patch | 20 ++
meta/recipes-graphics/cairo/cairo_1.14.12.bb | 2 +
meta/recipes-support/curl/curl/CVE-2019-5435.patch | 200 +++++++++++++
meta/recipes-support/curl/curl/CVE-2019-5436.patch | 32 +++
meta/recipes-support/curl/curl_7.61.0.bb | 2 +
.../sqlite/files/CVE-2018-20505.patch | 31 ++
.../sqlite/files/CVE-2018-20506.patch | 103 +++++++
meta/recipes-support/sqlite/sqlite3_3.23.1.bb | 2 +
72 files changed, 3233 insertions(+), 511 deletions(-)
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-replace-systemd-install-Alias-with-WantedBy.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2018-20679.patch
create mode 100644 meta/recipes-core/busybox/busybox/CVE-2019-5747.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-12450.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-9633_p1.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2019-9633_p2.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2016-10739.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2018-19591.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-9169.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p1.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7146_p2.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7149.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2019-7150.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8904.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8905_CVE-2019-8907.patch
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-8906.patch
rename meta/recipes-devtools/python/{python-native_2.7.15.bb => python-native_2.7.16.bb} (96%)
delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch
delete mode 100644 meta/recipes-devtools/python/python/0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch
delete mode 100644 meta/recipes-devtools/python/python/0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch
delete mode 100644 meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
create mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
rename meta/recipes-devtools/python/{python_2.7.15.bb => python_2.7.16.bb} (98%)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-16872.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-18849.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19364_p2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-19489.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-12155.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2019-9824.patch
rename meta/recipes-extended/cups/{cups_2.2.8.bb => cups_2.2.10.bb} (40%)
create mode 100644 meta/recipes-extended/lighttpd/lighttpd/fix-http-parseopts.patch
create mode 100644 meta/recipes-extended/tar/tar/CVE-2019-9923.patch
create mode 100644 meta/recipes-extended/wget/wget/CVE-2019-5953.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
create mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2019-6462.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5435.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2019-5436.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20505.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2018-20506.patch
--
2.7.4
reply other threads:[~2019-07-27 14:21 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1564236944.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.